AI Transparency Notice
Version 1.0 - Effective 2026-07-08 - Change log
Template document: review by a qualified data-protection lawyer or DPO before commercial reliance. Not legal advice.
1. Purpose and who this is for
This notice explains, in plain language, how the AI inside the Whistle intake widget works: what it does, what data it sees, who provides the underlying model, and how we handle the confidentiality questions that matter to law firms. It is written for three audiences: law firms evaluating Whistle, their DPOs and compliance teams, and visitors who simply want to know how the assistant on a firm's website works. Nothing here replaces the Privacy Policy or the DPA; it sits alongside them.
2. What the AI is, and is not
Whistle is an intake assistant. It answers general questions about a firm from the firm's own configuration, asks qualification questions the firm has defined, and books consultations.
It is not:
- a source of legal advice: it is configured to decline legal questions and route them to the firm;
- an assessor of the merits of your matter;
- a gatekeeper that rejects people. The assistant never automatically rejects a prospective client.
Every conversation ends in one of three ways:
| Outcome | What happens |
|---|---|
| Qualified | A consultation is booked and the firm is alerted |
| Referred | The visitor is pointed elsewhere using the firm's own referral guidance |
| Escalated | The enquiry is passed to a human at the firm |
Qualification outcomes are always routed to the firm for human handling; the assistant sorts and books, it does not decide.
Configurations that would breach these boundaries are prohibited by our Acceptable Use Policy.
3. How people are told they are talking to AI
Article 50 of the EU AI Act, applying from 2 August 2026, requires that people are informed clearly, at the latest at the time of first interaction, that they are interacting with an AI system.
How disclosure works in Whistle today, described exactly as it operates:
- Every deployment carries a configurable disclosure line (default: "I'm an AI assistant and can't give legal or professional advice, I just help get you booked in with the team."). This line is injected into the assistant's instructions so the assistant identifies itself as an AI in conversation.
- A persistent on-screen AI label is being added to the widget so that disclosure is visible in the interface itself and does not depend on the conversation. We are building to the standard Article 50 expects: disclosure before the user types, not buried in terms.
- Clients are contractually barred from presenting the AI as human: no human names, photos, or wording that obscures the AI's nature, per the Acceptable Use Policy.
4. What data the AI sees
Less than you might expect, by design. The intake flow separates the two channels of a conversation: what someone types freely, and who they are. Only the first ever reaches the AI, and only after redaction.
- Free text only, after redaction. Messages are passed through automated redaction that strips email addresses, phone numbers, and long digit runs before the AI sees them.
- Contact details never pass through the AI. Names, phone numbers, and emails are collected through structured form fields handled by our own EU-hosted backend.
- No transcripts by default. Raw conversation transcripts are not stored unless a client explicitly enables them.
- No chat content in server logs. Ever.
Redaction of free text is best-effort defence-in-depth (a text box can contain anything), which is why it is combined with the provider terms below and with guidance to visitors not to share sensitive details in chat.
For how long any of this is kept, see the Retention Schedule: the default is 365 days, configurable per firm, and firms handling sensitive intake often configure shorter periods. Erasure requests override retention; see the DSAR Procedure.
5. Our AI provider
Whistle uses Anthropic's Claude models under commercial API terms:
- No training on customer content. Your data, and your prospective clients' data, is never used to train models.
- Short, bounded retention by the provider for trust and safety purposes. A zero-data-retention arrangement is on our roadmap; until it is in place we describe retention honestly as short and bounded, not zero.
| Provider | Hosting region | Training on customer data |
|---|---|---|
| Anthropic (Claude) | US | No |
Transfer safeguards for the US processing are documented in the Transfer Risk Assessment and the DPA; every other service in the stack stores personal data in the EU (see the Security Overview).
6. Confidentiality and privilege for law firms
This section is deliberately careful, because the market is not.
We never claim that chats with the assistant are legally privileged. Pre-engagement intake conversations are generally not privileged: privilege requires communication with a lawyer (or a lawyer's agent) for the purpose of legal advice, and an intake bot qualifying an enquiry is neither. What prospective clients are owed is confidentiality: under ABA Model Rule 1.18 and SRA equivalents, a firm owes duties of confidentiality to prospective clients from the first information they share, even where privilege never attaches.
US v. Heppner (S.D.N.Y. 2026) shows what happens when this is handled carelessly. A defendant's conversations with a consumer AI chatbot were held not privileged on three independent grounds:
- the AI is not a lawyer or a lawyer's agent;
- there was no reasonable expectation of confidentiality, because the consumer terms of service permitted logging, use for training, and third-party disclosure;
- the use was not at counsel's direction.
Whistle is built on the opposite facts, point by point:
- Enterprise terms, not consumer terms: no training on customer content, and bounded retention rather than open-ended logging;
- Data minimisation: automated redaction before the AI, structured contact capture outside the AI, no transcripts by default;
- Deployed at the firm's direction: Whistle operates as the firm's processor under a DPA, on the firm's documented instructions, not as a tool a prospective client wandered into on their own.
Those are the conditions that preserve the confidentiality on which any privilege analysis depends. We still do not claim privilege, and neither should you.
Recommended firm-side wording. Firms should show a disclaimer before or at the start of chat. The following block, modelled on the Texas Bar's five-point sample chatbot disclaimer, is a starting point your firm can adapt:
This assistant does not provide legal advice, and using it does not create a lawyer-client relationship. Please do not share confidential or sensitive details in this chat; information shared here is not protected by legal privilege. The assistant can answer general questions and help you book a consultation; it cannot assess your legal matter. It is powered by artificial intelligence and may not always understand or respond accurately, so anything important should be confirmed with a member of our team. By continuing, you acknowledge and accept this notice.
Localise this to your bar's or the SRA's rules, and never copy another site's disclaimer verbatim: jurisdictional requirements differ, and a disclaimer written for someone else's practice may not protect yours.
7. Vendor vetting for legal ethics
Using an AI intake tool engages your professional duties, and we have tried to make discharging them fast:
- Model Rule 1.1 (competence) and ABA Formal Opinion 512: lawyers must understand a generative AI tool's data handling before relying on it. Sections 4 and 5 above are that description; the Security and Due-Diligence Questionnaire gives the full pre-answered vetting pack.
- Model Rule 1.6 (confidentiality): Opinion 512 treats using AI without understanding where client information goes as a confidentiality problem. Our answer: EU-only storage, redaction before AI, no training, bounded retention, no transcripts by default.
- Model Rule 5.3 (supervision of non-lawyer assistance) and Oregon Formal Opinion 2026-208 (the first opinion squarely on AI intake agents): AI intake is permitted, provided the bot cannot appear to create a lawyer-client relationship, promise undeliverable services, or guarantee outcomes, and provided the firm supervises it. Whistle's scope limits (section 2), the disclaimer above, and the AUP's prohibited configurations are built around exactly those conditions.
- SRA compliance tips: make clear to clients where they are interfacing with AI (section 3); have a DPA in place with any AI provider (ours is auto-incorporated, see the DPA); and know where data is processed (section 5 and the sub-processor list).
8. Automated decision-making
Under UK GDPR Articles 22A to 22D and EU GDPR Article 22, the assistant makes no solely automated decisions with legal or similarly significant effects. It does not reject prospective clients, score them against protected characteristics, or determine anyone's access to legal services. Qualification outcomes are routed to the firm for human handling; a human at the firm always makes the decision that matters.
9. EU AI Act classification
As an intake and booking assistant, Whistle is not an Annex III high-risk AI system: it does not evaluate legal claims, screen job candidates, determine access to essential services, or make decisions producing legal effects. Our Acceptable Use Policy prohibits the configurations that could change that classification: no legal advice, no recruitment screening, no solely automated significant decisions, no manipulative techniques. The applicable obligation is the Article 50 transparency duty described in section 3, and we treat it as ours to meet by design rather than the customer's to bolt on.
10. Questions
Email [email protected]. For security due diligence, start with the Security and Due-Diligence Questionnaire; for data-protection terms, the DPA; for what we do in an incident, the Breach Response Procedure.
This document is a GDPR-aligned template and must be reviewed by a qualified data-protection lawyer or DPO before commercial reliance. It is not legal advice.